Faster, Safer, and more Agile Digital Environment at Vienna Insurance Group thanks to Trask

Key Business Benefits and Takeaways:

• We created a self-care portal with a complex API Management
• Enabling the company to rapidly introduce new features to its digital channels and continuously improving the customer experience
• Ensuring uncompromised security for all exposed API interfaces
• Part of it was an overall streamlining of processes leading to noticeable cost optimization
• The technology used: WSO2, API Manager, Kong GW, Micro gateway deployment and hybrid integration

Enterprises today often need help with their ability to deliver value to their clients. Agility is one possible solution to improve time-to-market and overall client satisfaction. On the other hand, enterprises don’t have a suitable set of integration tools to support these agile initiatives. It is necessary to provide an easy-to-use and self-service integration platform that helps agile teams securely and controllably expose and manage their APIs within the enterprise and often even to third parties outside the enterprise.

With today's customer demands, VIG needed an easy-to-use and self-service integration platform

VIG has aimed to increase customer engagement and thus has commenced implementing a new online customer portal with many integrations to backend systems. We recognized the need to implement a new integration platform from the first moment. We built it based on WSO2 API Management, Redis, and integration microservices.

[.infobox][.infobox-heading]API Management Principles[.infobox-heading]API Management forms the bedrock of effective API governance in the digital era. It provides enhanced security, scalability, and control over APIs, ensuring data integrity and reducing the risk of unauthorized access. Additionally, it enables organizations to streamline developer collaboration, improve the user experience, and drive innovation by simplifying the integration of APIs into various applications and services.[.infobox]

There were several pain points that we had to address

• All backends were very different, and overall interconnectivity was not effective
• Former architecture did not support an agile delivery approach
• The old portal was limited in terms of client data availability, and delays were occurring

The new integration platform enabled the buildup of real-time self-care zone regardless of batch-oriented legacy core systems

Thanks to our first step we were able to construct a new customer portal integrated with the backend through an API Management layer. This portal has been developed to streamline access and functionality for users, ensuring seamless interaction with the backend services.

To support this, we have implemented a new API Management framework using WSO2 products. This initiative alsoincludes the deployment of an API Gateway to facilitate efficient and secure API communication. Alongside this technical deployment, we have introduced corresponding development processes aimed at standardizing and optimizing how we build and manage APIs.

Our efforts extend to opening up our companies to the global digital ecosystem, enabling them to utilize a wide range of available APIs. This strategic move is designed to foster greater connectivity and leverage the vast potential of API integration.

Furthermore, we have designed and implemented the platform to run in a containerized Kubernetes environment. This modern infrastructure approach ensures scalability, reliability, and ease of management for our applications and services.

Lastly, we have embarked on training VIG teams. This training is focused on equipping them with the knowledge and skills needed to develop new APIs in accordance with our established best practices. This initiative is crucial for maintaining high standards of quality and innovation in our API development efforts.

[.infobox]Technologies we use: WSO2 API Manager, Kong GW, Micro gateway deployment and hybrid integration.[.infobox]

Also, Microservices were Crucial Components of the Solution

The important part is not just preparing integration solutions, but also implementing business logic and processes shared across channels to allow simultaneous access to a single process (request, etc.) from all channels in real-time.

1. ‍Parties: Collection and storage of client data from the core system (Golem) accumulated into logical units allowing customization or reusing by other applications (e.g. client´s personal data)
2. ‍Contracts: Withdrawal of contracts from all systems just in one response without the need to call the core systems separately (Golem, ISIC)
3. ‍Payments: Access to payment history, upcoming payments, and any payment-related information including debtor identification
4. ‍Documents: Access and collection of any document related to the designed client from all systems
5. ‍Communications: Overview of all communication to the client including e-mails and read receipt feature (confirmation that the client has read the email and opened the attachment)
6. ‍IDP Facade: Communication with identity provider leading to the creation of a username, password, and other identity-related matters serving as a resource for G2 (Golem extension)

Result and benefits? Faster, Smoother, and Safer approach within the context of the whole business

From the end point of view, we fulfilled our plan and got what was needed to be done within the whole context of the client's business. API Management is, from now on, part of the whole insurance group.

[.infobox]Assessment and Planning
Evaluating current API infrastructure, identifying integration objectives, and creating a strategic plan for API Management. Organizations outline goals, resource requirements, and expected outcomes.

API Development and Design
Design and development of APIs to align with their integration goals. API design includes creating a well-structured and user-friendly interface, while development focuses on building the API functionality.

Security Implementation
Ensuring robust security by implementing authentication, authorization, and encryption measures to protect APIs from unauthorized access and potential data breaches.

Monitoring and Optimization
Continuous monitoring of API performance and usage, using analytics to gain insights. Regular optimization is essential to ensure APIs operate efficiently and meet evolving business needs.

Deployment and Testing
Deployment of APIs to the selected API Management platform and rigorously test for performance, functionality, and security. Identification and addressing of any issues before production use.[.infobox]

The introduction of the integration platform based on API Management also enables VIG to streamline the digitalization of many of its client and internal business processes in an agile way while still ensuring a great deal of security and visibility over all integration APIs.

• Faster feature integration
• Smoot Scalability
• Complex Analysis
• Enhanced Security
• Quick Interconnection

We see the integration as a crucial topic for nowadays. It can benefit the whole company more if it is realized. Yet it is still underestimated and not prioritized thing in the management group.

Martin Citron, Head of the Integration department at Trask

Lessons learned: Establishing Communication, Conducting Workshops or e.g. Involving Stakeholders

Every project also brings some new insights to us. Here we learned the main thing, which is to promote and raise awareness. Raising awareness about the integration and ensuring the active involvement of all stakeholders, including business users, developers, and IT operations, is crucial for the success of such integration projects. Establishing clear communication channels, conducting regular workshops, and involving stakeholders early in the project to foster collaboration and address concerns proactively are the keys to delivering seamless integration.

We also see that as an integration platform, it must be promoted and pushed from the architecture side the key is to prioritize security protocols, conduct regular security audits, and base on the industry's best practices to ensure that the API ecosystem remains resilient to cyber threats.

Do you want to advance your business to the next level?

If you need something similar or you want to let your business in your company grow, don´t hesitate to contact us, we are here to bring you the best possible solution.